package org.example.securitydemo.config;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import jakarta.annotation.Resource;
import org.example.securitydemo.entity.User;
import org.example.securitydemo.mapper.UserMapper;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsPasswordService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.provisioning.UserDetailsManager;
import org.springframework.stereotype.Component;

import java.util.ArrayList;
import java.util.Collection;

@Component
public class DBUserDetailsManager  implements UserDetailsManager, UserDetailsPasswordService {
    @Resource
    private UserMapper userMapper;
    @Override
    public UserDetails updatePassword(UserDetails user, String newPassword) {
        return null;
    }

    /**
     * 向数据库中插入新的用户信息
     * @param user UserDetails
     */
    @Override
    public void createUser(UserDetails user) {
        User entity = new User();
        entity.setPassword(user.getPassword());
        entity.setUsername(user.getUsername());
        userMapper.insert(entity);
    }

    @Override
    public void updateUser(UserDetails user) {

    }

    @Override
    public void deleteUser(String username) {

    }

    @Override
    public void changePassword(String oldPassword, String newPassword) {

    }

    @Override
    public boolean userExists(String username) {
        return false;
    }

    // 从数据库获取用户信息
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        QueryWrapper<User> queryWrapper = new QueryWrapper<>();
        queryWrapper.eq("username", username);
        User user = userMapper.selectOne(queryWrapper);
        if (user == null){
            throw new UsernameNotFoundException("用户名["+username+"]不存在");
        }
        Collection<GrantedAuthority> authorities = new ArrayList<>();
        // 直接给登陆用户硬编码，加上两个权限，实际需要在数据库那边做查询
        authorities.add(()->"USER_LIST");
        authorities.add(()->"USER_ADD");
        //return new User(user.getUsername(), user.getPassword(), user.isEnabled(), user.isAccountNonExpired(), user.isCredentialsNonExpired(), user.isAccountNonLocked(), user.getAuthorities());

        // return new org.springframework.security.core.userdetails.User(
        //         user.getUsername(),
        //         user.getPassword(),
        //         user.getEnabled(),
        //         true, // 用户账号是否过期
        //         true, // 用户凭证是否过期
        //         true, // 用户是否未被锁定
        //         authorities // 用户的权限列表
        // );

        // 基于角色的
        return org.springframework.security.core.userdetails.User
                .withUsername(user.getUsername())
                .password(user.getPassword())
                .disabled(!user.getEnabled())
                .credentialsExpired(false)
                .accountLocked(false)
                // .roles("ADMIN")
                // 这个和上面的roles只能使用一个，后面的后把前面的覆盖
                .authorities("USER_ADD","USER_LIST")
                .build();
    }
}
